Smallest but Most Disturbing Cyber Security Threat: Credential Stuffing

Before starting this I want to describe cyber security in simple words. 
Cyber Security is the practice of defending computers, servers, mobiles, electronic devices and most importantly data from malicious attacks. It is also known as Information Technology Security or Electronic Information Security

We often talk about Cyber Security Threats including Ransomware Attacks, Phishing, Data Leakage, Hacking, Insider Threat, etc. All of these threats are dangerous for big organizations and they are precisely defending them. But, what we are doing for our safety in this vast cyber space? There is a threat for us that we should be aware of and that is Credential Stuffing.

What is Credential Stuffing?

Credential Stuffing occurs when very large organizations are hit with data breaches. The data stolen from tech giants are used to attack small businesses. Given a huge percentage of people use the same password on varied sites, it gets easier for hackers to access your multiple accounts by accessing just one password.

Hackers then build a bot that visits varied websites and try to login using the credential they stole from the tech giant. This is not even registered as a Data Breach because hackers didn’t break into the same, they just used the actual credentials.

How to protect yourself from Credential Stuffing?

Credential stuffing is still in the very stage but it needs immediate attention, here’s how it can be controlled:

  1. IP address tracking: Whenever a user tries to log in from a new IP address, send them a push notification asking them to verify if they are the one trying to login.
  2. 2 Step Verification: Banks have been using it for a long time and now it is time for other subscription-based services to start using it too. 2 Step verification will stop hackers from accessing the account illegally.
  3. Limiting users: If a user is already logged into the account stopping other users from trying to login can save the accounts from getting hacked.

The End Notes

That's all in this post. I hope you liked it. Well, I will wish that you stay safe in this cyber space. Keep learning more from The Notes. Have a good one.

Post a Comment


Please share your views.